Services that are booked or used via the Internet are constantly increasing. The Internet enables one to use several on-line services such as services connected to banks, health services, travel agencies, vehicle maintenance, and so on.
The increasing popularity of mobile computing and communications devices introduce new challenges to services on the Internet. Mobile terminals are able to deliver information to users when needed and where needed. Users want ubiquitous access to information and applications from the device at hand. They also want to access and update this information wherever they happen to be.
It is important to notice, however, that not all the terminals will be mobile. Future services must be able to communicate with a large variety of terminal devices, both those that are mobile and those that are not. Different terminal devices have very different capabilities.
Interoperability of different services and terminal devices requires standards on several levels. It is not enough to have, say, common communication protocols. It would be very important to share common concepts and understanding what a certain piece of data means in a certain context. However, it has been very difficult to agree on those issues, as there exists an enormous number of companies, organizations, and other actors in the field.
Many services must be able to manage bookings. They include for example booking appointments for health services; booking travel reservations for hotels, airlines, and rental cars; booking tickets for venues; booking appointments for vehicle maintenance; booking maintenance for apartments; and so on. It would be very useful, if those services could get information from one another. For example, if a customer is booking tickets for a concert, he or she might want to book a table in a restaurant also. It helps, if the restaurant's booking service gets basic information, like date and customer's name from the theater's booking system. Unfortunately, there have not been methods to exchange information between different kinds of booking systems.
Additionally, such services as well as other services/companies such as banks and credit card companies have long had the problem of verifying that the user attempting to make a reservation, booking or purchase is the actual user that they claim to be. Similarly, customers would like to know that the information that they are providing to these services/companies is going to the actual company and that their information is secure. With identity fraud resulting from submitting personal information over the internet being a concern for many web users there exists the need for a safer authentication alternative than currently exists.
Companies and organizations, such as software developers and pharmaceutical companies, have for a long time dealt with the problem of piracy. Not only are such entities harmed by lost sales from counterfeit goods but consumers who unknowingly purchase counterfeit goods can be harmed by, for example, malware installed by hacked software or poor quality and mislabeled counterfeit drugs. Currently, such companies are trying to develop methods in which the authenticity of their products can be easily determined by their customers either prior to purchase or prior to use.
For services such as booking or calendar functions, information exchange often takes place as synchronizing booking or calendar entries. For that purpose, several important standardization efforts are going on. For example, SyncML is an industry initiative to develop and promote a single, common data synchronization protocol.
vCalendar is an exchange format for personal scheduling information. It is applicable to a wide variety of calendaring and scheduling products and is useful in exchanging information across a broad range of transport methods. A number of vendors have adopted the specification because it allows their products to exchange calendaring and scheduling information. vCalendar is an open specification based on industry standards such as the x/Open and APIA Calendaring and Scheduling API (CSA), the ISO 8601 international date and time standard and the related MIME email standards. The vCalendar format utilizes data normally stored within a calendaring and scheduling application, facilitating the cross platform exchange of information about items such as events and to-do's. An event is a calendaring and scheduling entity that represents a designated amount of time on a calendar. A to-do is a calendaring and scheduling entity that represents an action item or assignment. For instance, it may be an item of work assigned to an individual.
vCard automates the exchange of personal information typically found on a traditional business card. vCard is used in applications such as Internet mail, voice mail, Web browsers, telephony applications, call centers, video conferencing, PIMs (Personal Information Managers), PDAs (Personal Data Assistants), pagers, fax, office equipment, and smart cards. In addition to text, vCard information may include elements like pictures, company logos, live Web addresses, and so on.
A common problem with all of these existing solutions is that they do not provide common semantics for different systems and the transfer of information may not always be as secure, or at least perceived as secure by customers, as many customers wish. Another problem is that booking systems have multiple different and usually quite complex user interfaces. If a customer wants to both make an appointment with a dentist and book a taxi to take him or her there, the customer needs to enter all the booking information to both booking systems in different ways. While the dentist may have in place a secure method of making reservations, authenticating the client who makes the reservation and receiving payment for a booking, the taxi company may not.
Additionally, it becomes challenging to manage client replies for instance when a client has been given a number of questions. For example, it makes sense to use SMS text messages to ask a client which option he or she chooses, because in many countries, like in Finland, it is very common to communicate with SMS text messages and they create revenues to operators. However, if a client replies to several inquiries by sending a number of text messages, it can be troublesome to find out, which answer corresponds to a certain question because the reply does not automatically include a reference to the question. Say, a service asks a client if they want to reserve, in addition to a flight ticket, also a taxi and a hotel room, and the client replies “yes” to one question but “no” to the other, the service does not necessarily know which offer the client has accepted.
Other problems, such as clients not showing up for appointments, not using a service more than once or long intervals between use of a service can be addressed through the use of new systems and methods.
Accordingly, attempts to execute financial transactions wherein clients utilize mobile terminals without additional proprietary software are handicapped by limitations of current mobile communication protocols, such as the short message service (SMS). Notably, the SMS protocol provides no standardized manner for authenticating mobile users or managing sessions. Lack of standardized authentication techniques leaves systems vulnerable to fraud, while lack of standardized session management makes it difficult for service providers to keep track of which of the clients' responses correspond to which questions from the service provider. On the other hand, session management, fraud prevention and introduction of new services should not be overly complex.